Update prism requirement from >= 0.29, < 1.3 to >= 0.29, < 1.5

[dependabot]

Updates the requirements on prism to permit the latest version.

Release notes

Sourced from prism's releases.

v1.4.0

Added

• Support 3.5 as a version option.
• Many, many compatibility fixes for the parser translation layer.
• Handle escapes in named capture names.
• The freeze option is added to the various Prism:: APIs to deeply freeze the AST.
• Properly support it for the parser and ruby_parser translation layers.
• Track the then keyword on rescue nodes.
• Add a multiple_statements? flag to parentheses nodes to support desired defined? behavior.

Changed

• The strings used in the AST are now frozen.
• Fixed handling escaped characters after control sequences in character literals.
• Fix reading off the end of an unterminated global variable.
• Raise a syntax error for defining []= with endless method syntax.
• Increase value of PRISM_DEPTH_MAXIMUM to 10000.
• Freeze Prism::VERSION.
• Fix up rescue modifier precedence.

v1.3.0

Added

• Introduce Prism::StringQuery.
• Introduce Prism::Relocation.
• Track do keyword for WhileNode and UntilNode.
• Change the way the gem is built to rely on mkmf instead of make.
• Lots more documentation on node fields.

Changed

• Properly add an error for def @foo; end.
• Properly add an error for foo(**, *).
• Fix up regression in string parsing in RubyParser translation.
• Reject invalid dot method call after match expression.
• Reject invalid operator after match expression.
• Fix up %-literals delimited by newlines.
• Properly add an error for -> { _1; -> { _1 } }.
• Reject blocks and keywords in index writes.

Changelog

Sourced from prism's changelog.

[1.4.0] - 2025-03-18

Added

• Support 3.5 as a version option.
• Many, many compatibility fixes for the parser translation layer.
• Handle escapes in named capture names.
• The freeze option is added to the various Prism:: APIs to deeply freeze the AST.
• Properly support it for the parser and ruby_parser translation layers.
• Track the then keyword on rescue nodes.
• Add a multiple_statements? flag to parentheses nodes to support desired defined? behavior.

Changed

• The strings used in the AST are now frozen.
• Fixed handling escaped characters after control sequences in character literals.
• Fix reading off the end of an unterminated global variable.
• Raise a syntax error for defining []= with endless method syntax.
• Increase value of PRISM_DEPTH_MAXIMUM to 10000.
• Freeze Prism::VERSION.
• Fix up rescue modifier precedence.

[1.3.0] - 2024-12-21

Added

• Introduce Prism::StringQuery.
• Introduce Prism::Relocation.
• Track do keyword for WhileNode and UntilNode.
• Change the way the gem is built to rely on mkmf instead of make.
• Lots more documentation on node fields.

Changed

• Properly add an error for def @foo; end.
• Properly add an error for foo(**, *).
• Fix up regression in string parsing in RubyParser translation.
• Reject invalid dot method call after match expression.
• Reject invalid operator after match expression.
• Fix up %-literals delimited by newlines.
• Properly add an error for -> { _1; -> { _1 } }.
• Reject blocks and keywords in index writes.

Commits

• 1463122 Merge pull request #3500 from ruby/bump-version
• 71d31db Bump to v1.4.0
• e8f784e Merge pull request #3499 from ruby/concat-xstrings
• f734350 Make xstrings concat syntax error
• cec425c Merge pull request #3498 from ruby/update-trufflruby
• 2afe89f Update truffleruby version
• 55408bf Merge pull request #3496 from ruby/multiple-statements-flag
• b63b5d6 Add a multiple statements flag to parentheses
• 5c04045 Merge pull request #3495 from ruby/dont-require-set-until-needed
• 422d5c4 Use Set.new over to_set
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[koic]

It doesn't seem necessary to lock the upper (minor) version bound of Prism. I've heard from user feedback that they were unable to resolve versions when using the latest RuboCop (RuboCop AST), which requires Prism 1.4+. As a reference, RuboCop doesn't plan to lock an upper bound on minor Prism version:
https://github.com/rubocop/rubocop-ast/blob/v1.44.0/rubocop-ast.gemspec#L37

It's probably better to leave the Prism version up to users, I think.

[dependabot]

Superseded by #210.